146.0 (#447 )

Removed outdated VPN Promo & Quickactions lines (#442 )
install.py: add support for macOS (#434 )
2026-06-12 07:30:47 +05:30 · 2025-12-13 16:59:25 -05:00 · 2025-10-28 23:00:52 -04:00 · 2025-10-22 20:54:50 -04:00 · 2025-10-22 20:32:40 -04:00 · 2025-10-18 21:03:42 -04:00
8 changed files with 320 additions and 195 deletions
@@ -3,7 +3,7 @@
 * Fastfox                                                                              *
 * "Non ducor duco"                                                                     *
 * priority: speedy browsing                                                            *
- * version: 137                                                                         *
+ * version: 146                                                                         *
 * url: https://github.com/yokoffing/Betterfox                                          *
 ***************************************************************************************/
@@ -22,6 +22,12 @@
 //user_pref("nglayout.initialpaint.delay", 5); // DEFAULT; formerly 250
    //user_pref("nglayout.initialpaint.delay_in_oopif", 5); // DEFAULT
 // PREF: Font rendering cache in Skia (32MB)
 // Increases font cache size to improve performance on text-heavy websites.
 // Especially beneficial for sites with many font faces or complex typography.
 // [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1239151#c2
 user_pref("gfx.content.skia-font-cache-size", 32); // 32 MB; default=5; Chrome=20
 // PREF: page reflow timer
 // Rather than wait until a page has completely downloaded to display it to the user,
 // web browsers will periodically render what has been received to that point.
@@ -33,7 +39,7 @@
 // false = reflow pages whenever new data is received
 //user_pref("content.notify.ontimer", true); // DEFAULT
-// PREF: notification interval (in microseconds) to avoid layout thrashing
+// PREF: content notification delay - notification interval (in microseconds) to avoid layout thrashing
 // When Firefox is loading a page, it periodically reformats
 // or "reflows" the page as it loads. The page displays new elements
 // every 0.12 seconds by default. These redraws increase the total page load time.
@@ -47,7 +53,16 @@
 // [1] https://searchfox.org/mozilla-central/rev/c1180ea13e73eb985a49b15c0d90e977a1aa919c/modules/libpref/init/StaticPrefList.yaml#1824-1834
 // [2] https://web.archive.org/web/20240115073722/https://dev.opera.com/articles/efficient-javascript/?page=3#reflow
 // [3] https://web.archive.org/web/20240115073722/https://dev.opera.com/articles/efficient-javascript/?page=3#smoothspeed
-user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
+//user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 //user_pref("content.max.tokenizing.time", 1000000); // (1.00s); alt=2000000; HIDDEN
 //user_pref("content.interrupt.parsing", true); // HIDDEN
 // PREF: UI responsiveness threshold
 //user_pref("content.switch.threshold", 300000); // HIDDEN; default= 750000; alt=500000
 // PREF: split text nodes to a length
 // The number of bytes in a text node.
 //user_pref("content.maxtextrun", 8191); // DEFAULT; HIDDEN
 // PREF: new tab preload
 // [WARNING] Disabling this may cause a delay when opening a new tab in Firefox.
@@ -78,6 +93,15 @@ user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 // PREF: lazy load iframes
 //user_pref("dom.iframe_lazy_loading.enabled", true); // DEFAULT [FF121+]
 // PREF: Prioritized Task Scheduling API 
 // [1] https://github.com/yokoffing/Betterfox/issues/355
 // [2] https://blog.mozilla.org/performance/2022/06/02/prioritized-task-scheduling-api-is-prototyped-in-nightly/
 // [3] https://medium.com/airbnb-engineering/building-a-faster-web-experience-with-the-posttask-scheduler-276b83454e91
 // [4] https://github.com/WICG/scheduling-apis/blob/main/explainers/prioritized-post-task.md
 // [5] https://wicg.github.io/scheduling-apis/
 // [6] https://caniuse.com/mdn-api_taskcontroller
 //user_pref("dom.enable_web_task_scheduling", true); // DEFAULT [FF142+]
 /****************************************************************************
 * SECTION: GFX RENDERING TWEAKS                                            *
 ****************************************************************************/
@@ -93,6 +117,15 @@ user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 //user_pref("gfx.webrender.compositor", true); // DEFAULT WINDOWS macOS
    //user_pref("gfx.webrender.compositor.force-enabled", true); // enforce
 // PREF: Webrender layer compositor
 // [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1945683
 // [2] https://www.reddit.com/r/firefox/comments/1p58qre/firefox_is_getting_ready_to_make_youtube_fast/
 // [3] https://www.ghacks.net/2025/11/24/these-two-tweaks-should-improve-firefoxs-performance-on-youtube-significantly/
 user_pref("gfx.webrender.layer-compositor", true);
    // If your PC uses an AMD GPU, you might want to make a second change.
    // This one improves CPU usage on AMD systems.
    //user_pref("media.wmf.zero-copy-nv12-textures-force-enabled", true);
 // PREF: if your hardware doesn't support Webrender, you can fallback to Webrender's software renderer
 // [1] https://www.ghacks.net/2020/12/14/how-to-find-out-if-webrender-is-enabled-in-firefox-and-how-to-enable-it-if-it-is-not/
 //user_pref("gfx.webrender.software", true); // Software Webrender uses CPU instead of GPU
@@ -109,10 +142,13 @@ user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 // [2] https://github.com/yokoffing/Betterfox/issues/153
 // [3] https://github.com/yokoffing/Betterfox/issues/198
 //user_pref("gfx.canvas.accelerated", true); // [DEFAULT FF133+]
-    //user_pref("gfx.canvas.accelerated.cache-items", 8192); // DEFAULT FF135+; Chrome=4096
+user_pref("gfx.canvas.accelerated.cache-items", 32768); // [default=8192 FF135+]; Chrome=4096
-    user_pref("gfx.canvas.accelerated.cache-size", 512); // default=256; Chrome=512
+user_pref("gfx.canvas.accelerated.cache-size", 4096); // default=256; Chrome=512
-    user_pref("gfx.content.skia-font-cache-size", 20); // default=5; Chrome=20
+//user_pref("gfx.canvas.max-size", 32767); // DEFAULT=32767
-    // [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1239151#c2
+
 // PREF: WebGL
 user_pref("webgl.max-size", 16384); // default=1024
 //user_pref("webgl.force-enabled", true);
 // PREF: prefer GPU over CPU
 // At best, the prefs do nothing on Linux/macOS.
@@ -179,7 +215,7 @@ user_pref("browser.cache.disk.enable", false);
 // for recently read cache entries [1]. It is managed by a cache thread, and caches with
 // metadata in the pool appear to be reused immediately.
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=986179
-//user_pref("browser.cache.disk.metadata_memory_limit", 500); // default=250 (0.25 MB); limit of recent metadata we keep in memory for faster access
+//user_pref("browser.cache.disk.metadata_memory_limit", 16384); // default=250 (0.25 MB); limit of recent metadata we keep in memory for faster access
 // PREF: number of chunks we preload ahead of read
 // Large content such as images will load faster.
@@ -260,8 +296,8 @@ user_pref("browser.cache.disk.enable", false);
 // [1] https://kb.mozillazine.org/Browser.cache.memory.capacity#-1
 // [2] https://searchfox.org/mozilla-central/source/netwerk/cache2/CacheObserver.cpp#94-125
 // [3] https://github.com/WaterfoxCo/Waterfox/commit/3fed16932c80a2f6b37d126fe10aed66c7f1c214
-//user_pref("browser.cache.memory.capacity", 131072); // (128 MB)
+user_pref("browser.cache.memory.capacity", 131072); // 128 MB RAM cache; alt=65536 (65 MB RAM cache); default=32768
-//user_pref("browser.cache.memory.max_entry_size", 20480); // (20 MB); default=5120 (5 MB)
+user_pref("browser.cache.memory.max_entry_size", 20480); // 20 MB max entry; default=5120 (5 MB)
 // PREF: amount of Back/Forward cached pages stored in memory for each tab
 // Pages that were recently visited are stored in memory in such a way
@@ -272,7 +308,15 @@ user_pref("browser.cache.disk.enable", false);
 // is no reason for Firefox to keep memory for this.
 // -1=determine automatically (8 pages)
 // [1] https://kb.mozillazine.org/Browser.sessionhistory.max_total_viewers#Possible_values_and_their_effects
-user_pref("browser.sessionhistory.max_total_viewers", 4);
+user_pref("browser.sessionhistory.max_total_viewers", 4); // default=8
 user_pref("browser.sessionstore.max_tabs_undo", 10); // default=25
 //user_pref("browser.sessionstore.max_entries", 10); // [HIDDEN OR REMOVED]
 //user_pref("dom.storage.default_quota", 20480); // 20MB; default=5120
 //user_pref("dom.storage.shadow_writes", true);
 // PREF: tell garbage collector to start running when javascript is using xx MB of memory
 // Garbage collection releases memory back to the system.
 //user_pref("javascript.options.mem.high_water_mark", 128); // DEFAULT [HIDDEN OR REMOVED]
 /****************************************************************************
 * SECTION: MEDIA CACHE                                                     *
@@ -283,11 +327,11 @@ user_pref("browser.sessionhistory.max_total_viewers", 4);
 // PREF: media memory cache
 // [1] https://hg.mozilla.org/mozilla-central/file/tip/modules/libpref/init/StaticPrefList.yaml#l9652
-// [2] https://github.com/arkenfox/user.js/pull/941
+// [2] https://github.com/arkenfox/user.js/pull/941#issuecomment-668278121
-user_pref("media.memory_cache_max_size", 65536); // default=8192; AF=65536; alt=131072
+user_pref("media.memory_cache_max_size", 262144); // 256 MB; default=8192; AF=65536
 // PREF: media cache combine sizes
-//user_pref("media.memory_caches_combined_limit_kb", 524288); // DEFAULT; alt=1048576
+user_pref("media.memory_caches_combined_limit_kb", 1048576); // 1GB; default=524288
 //user_pref("media.memory_caches_combined_limit_pc_sysmem", 5); // DEFAULT; alt=10; the percentage of system memory that Firefox can use for media caches
 // PREF: Media Source Extensions (MSE) web standard
@@ -301,19 +345,20 @@ user_pref("media.memory_cache_max_size", 65536); // default=8192; AF=65536; alt=
 // PREF: adjust video buffering periods when not using MSE (in seconds)
 // [NOTE] Does not affect videos over 720p since they use DASH playback [1]
 // [1] https://lifehacker.com/preload-entire-youtube-videos-by-disabling-dash-playbac-1186454034
-user_pref("media.cache_readahead_limit", 7200); // 120 min; default=60; stop reading ahead when our buffered data is this many seconds ahead of the current playback
+user_pref("media.cache_readahead_limit", 600); // 10 min; default=60; stop reading ahead when our buffered data is this many seconds ahead of the current playback
-user_pref("media.cache_resume_threshold", 3600); // 60 min; default=30; when a network connection is suspended, don't resume it until the amount of buffered data falls below this threshold
+user_pref("media.cache_resume_threshold", 300); // 5 min; default=30; when a network connection is suspended, don't resume it until the amount of buffered data falls below this threshold
 /****************************************************************************
 * SECTION: IMAGE CACHE                                                     *
 ****************************************************************************/
 // PREF: image cache
-//user_pref("image.cache.size", 5242880); // DEFAULT; in MiB; alt=10485760 (cache images up to 10MiB in size)
+user_pref("image.cache.size", 10485760); // (cache images up to 10MiB in size) [DEFAULT 5242880]
-user_pref("image.mem.decode_bytes_at_a_time", 32768); // default=16384; alt=65536; chunk size for calls to the image decoders
+user_pref("image.mem.decode_bytes_at_a_time", 65536); // default=16384; alt=32768; chunk size for calls to the image decoders
 //user_pref("image.mem.max_decoded_image_kb", 512000); // 500MB [HIDDEN OR REMOVED?]
 // PREF: set minimum timeout to unmap shared surfaces since they have been last used
-// This is only used on 32-bit builds of Firefox where there is meaningful
+// [NOTE] This is only used on 32-bit builds of Firefox where there is meaningful
 // virtual address space pressure.
 // [1] https://phabricator.services.mozilla.com/D109440
 // [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1699224
@@ -341,6 +386,7 @@ user_pref("network.http.max-connections", 1800); // default=900
 user_pref("network.http.max-persistent-connections-per-server", 10); // default=6; download connections; anything above 10 is excessive
    user_pref("network.http.max-urgent-start-excessive-connections-per-host", 5); // default=3
    //user_pref("network.http.max-persistent-connections-per-proxy", 48); // default=32
 user_pref("network.http.request.max-start-delay", 5); // default=10
 //user_pref("network.websocket.max-connections", 200); // DEFAULT
 // PREF: pacing requests [FF23+]
@@ -350,21 +396,21 @@ user_pref("network.http.max-persistent-connections-per-server", 10); // default=
 // Pacing requests adds a slight delay between requests to throttle them.
 // If you have a fast machine and internet connection, disabling pacing
 // may provide a small speed boost when loading pages with lots of requests.
-// false=Firefox will send as many requests as possible without pacing
+// false = Firefox will send as many requests as possible without pacing
-// true=Firefox will pace requests (default)
+// true = Firefox will pace requests (default)
 user_pref("network.http.pacing.requests.enabled", false);
    //user_pref("network.http.pacing.requests.min-parallelism", 10); // default=6
-    //user_pref("network.http.pacing.requests.burst", 14); // default=10
+    //user_pref("network.http.pacing.requests.burst", 32); // default=10
 // PREF: increase DNS cache
 // [1] https://developer.mozilla.org/en-US/docs/Web/Performance/Understanding_latency
-//user_pref("network.dnsCacheEntries", 1000); // default=400
+user_pref("network.dnsCacheEntries", 10000); // default=800
 // PREF: adjust DNS expiration time
 // [ABOUT] about:networking#dns
 // [NOTE] These prefs will be ignored by DNS resolver if using DoH/TRR.
-user_pref("network.dnsCacheExpiration", 3600); // keep entries for 1 hour
+user_pref("network.dnsCacheExpiration", 3600); // keep entries for 1 hour; default=60
-    //user_pref("network.dnsCacheExpirationGracePeriod", 240); // default=60; cache DNS entries for 4 minutes after they expire
+    //user_pref("network.dnsCacheExpirationGracePeriod", 120); // default=60; cache DNS entries for 2 minutes after they expire
 // PREF: the number of threads for DNS
 //user_pref("network.dns.max_high_priority_threads", 40); // DEFAULT [FF 123?]
@@ -506,11 +552,11 @@ user_pref("network.prefetch-next", false);
 // [2] https://www.ghacks.net/2014/05/11/seer-disable-firefox/
 // [3] https://github.com/dillbyrne/random-agent-spoofer/issues/238#issuecomment-110214518
 // [4] https://www.igvita.com/posa/high-performance-networking-in-google-chrome/#predictor
-user_pref("network.predictor.enabled", false);
+//user_pref("network.predictor.enabled", false); // [DEFAULT: false FF144+]
 // PREF: Network Predictor fetch for resources ahead of time
 // Prefetch page resources based on past user behavior.
-//user_pref("network.predictor.enable-prefetch", false); // DEFAULT
+//user_pref("network.predictor.enable-prefetch", false); // [FF48+] [DEFAULT: false]
 // PREF: make Network Predictor active when hovering over links
 // When hovering over links, Network Predictor uses past resource history to
@@ -541,16 +587,7 @@ user_pref("network.predictor.enabled", false);
 // PREF: CSS Masonry Layout [NIGHTLY]
 // [1] https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Grid_Layout/Masonry_Layout
 // [2] https://www.smashingmagazine.com/native-css-masonry-layout-css-grid/
-user_pref("layout.css.grid-template-masonry-value.enabled", true);
+//user_pref("layout.css.grid-template-masonry-value.enabled", true);
 // PREF: Prioritized Task Scheduling API [NIGHTLY]
 // [1] https://github.com/yokoffing/Betterfox/issues/355
 // [2] https://blog.mozilla.org/performance/2022/06/02/prioritized-task-scheduling-api-is-prototyped-in-nightly/
 // [3] https://medium.com/airbnb-engineering/building-a-faster-web-experience-with-the-posttask-scheduler-276b83454e91
 // [4] https://github.com/WICG/scheduling-apis/blob/main/explainers/prioritized-post-task.md
 // [5] https://wicg.github.io/scheduling-apis/
 // [6] https://caniuse.com/mdn-api_taskcontroller
 //user_pref("dom.enable_web_task_scheduling", true);
 /****************************************************************************
 * SECTION: TAB UNLOAD                                                      *
@@ -598,6 +635,7 @@ user_pref("layout.css.grid-template-masonry-value.enabled", true);
 // [2] https://firefox-source-docs.mozilla.org/dom/ipc/process_model.html#web-content-processes 
 //user_pref("dom.ipc.processCount", 8); // DEFAULT; Shared Web Content
 //user_pref("dom.ipc.processCount.webIsolated", 1); // default=4; Isolated Web Content
 //user_pref("dom.ipc.keepProcessesAlive.web", 4); // default=1 [HIDDEN OR REMOVED]
 // PREF: use one process for process preallocation cache
 //user_pref("dom.ipc.processPrelaunch.fission.number", 1); // default=3; Process Preallocation Cache
@@ -3,7 +3,7 @@
 * Peskyfox                                                                 *
 * "Aquila non capit muscas"                                                *
 * priority: remove annoyances                                              *
- * version: 140                                                             *
+ * version: 146                                                             *
 * url: https://github.com/yokoffing/Betterfox                              *
 * credit: Some prefs are reproduced and adapted from the arkenfox project  *
 * credit urL: https://github.com/arkenfox/user.js                          *
@@ -13,11 +13,6 @@
 * SECTION: MOZILLA UI                                                      *
 ****************************************************************************/
 // PREF: Mozilla VPN
 // [1] https://github.com/yokoffing/Betterfox/issues/169
 user_pref("browser.privatebrowsing.vpnpromourl", "");
    //user_pref("browser.vpn_promo.enabled", false);
 // PREF: disable about:addons' Recommendations pane (uses Google Analytics)
 user_pref("extensions.getAddons.showPane", false); // HIDDEN
@@ -29,14 +24,6 @@ user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
 // [SETTING] Privacy & Security>Firefox Data Collection & Use>Allow Firefox to make personalized extension recommendations
 user_pref("browser.discovery.enabled", false);
 // PREF: disable Fakespot integration [FF116+]
 // [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0
 // [2] https://github.com/arkenfox/user.js/issues/1730
 // [3] https://www.fakespot.com/
 // [4] https://www.ghacks.net/2023/10/12/firefox-will-soon-tell-you-if-product-reviews-are-reliable/
 //user_pref("browser.shopping.experience2023.enabled", false); // DEFAULT
 //user_pref("browser.shopping.experience2023.ads.exposure", false); // DEFAULT [FF121+]
 // PREF: disable Firefox from asking to set as the default browser
 // [1] https://github.com/yokoffing/Betterfox/issues/166
 user_pref("browser.shell.checkDefaultBrowser", false);
@@ -56,7 +43,7 @@ user_pref("browser.preferences.moreFromMozilla", false);
 user_pref("browser.aboutConfig.showWarning", false);
 // PREF: disable welcome notices
-//user_pref("browser.startup.homepage_override.mstone", "ignore"); // What's New page after updates; master switch
+user_pref("browser.startup.homepage_override.mstone", "ignore");
 user_pref("browser.aboutwelcome.enabled", false); // disable Intro screens
    //user_pref("startup.homepage_welcome_url", "");
    //user_pref("startup.homepage_welcome_url.additional", "");
@@ -72,6 +59,9 @@ user_pref("browser.profiles.enabled", true);
 // [1] https://github.com/yokoffing/Betterfox/issues/320
 //user_pref("widget.gtk.non-native-titlebar-buttons.enabled", true);
 // PREF: disable search engine switcher in the URL bar [FF136+]
 //user_pref("browser.urlbar.scotchBonnet.enableOverride", false);
 /****************************************************************************
 * SECTION: THEME ADJUSTMENTS                                              *
 ****************************************************************************/
@@ -105,7 +95,27 @@ user_pref("browser.privateWindowSeparation.enabled", false);
 //user_pref("browser.newtabpage.activity-stream.newtabWallpapers.v2.enabled", true); // [DEFAULT FF132+]
 /****************************************************************************
- * SECTION: COOKIE BANNER HANDLING                                         *
+ * SECTION: AI                                                              *
 ****************************************************************************/
 // PREF: AI master switch
 // [1] https://github.com/yokoffing/Betterfox/issues/416
 user_pref("browser.ml.enable", false);
 // PREF: AI chat
 user_pref("browser.ml.chat.enabled", false);
 // PREF: AI chatbot option in right click menu
 user_pref("browser.ml.chat.menu", false);
 // PREF: AI-enhanced tab groups
 // [1] https://support.mozilla.org/kb/how-use-ai-enhanced-tab-groups
 user_pref("browser.tabs.groups.smart.enabled", false);
 // PREF: link previews
 user_pref("browser.ml.linkPreview.enabled", false);
 /****************************************************************************
 * SECTION: COOKIE BANNER HANDLING                                          *
 ****************************************************************************/
 // PREF: Cookie Banner handling
@@ -130,7 +140,7 @@ user_pref("browser.privateWindowSeparation.enabled", false);
 //user_pref("cookiebanners.service.enableGlobalRules.subFrames", true); // DEFAULT [FF121+]
 /****************************************************************************
- * SECTION: TRANSLATIONS                                                   *
+ * SECTION: TRANSLATIONS                                                    *
 ****************************************************************************/
 // PREF: Firefox Translations [FF118+]
@@ -152,8 +162,9 @@ user_pref("full-screen-api.transition-duration.enter", "0 0"); // default=200 20
 user_pref("full-screen-api.transition-duration.leave", "0 0"); // default=200 200
 // PREF: disable fullscreen notice
-user_pref("full-screen-api.warning.delay", -1); // default=500
+// [NOTE] Adjust to a sensible value, like 1250, if you have security concerns.
-user_pref("full-screen-api.warning.timeout", 0); // default=3000
+//user_pref("full-screen-api.warning.timeout", 0); // default=3000; alt=1250
 //user_pref("full-screen-api.warning.delay", -1); // default=500
 /****************************************************************************
 * SECTION: FONT APPEARANCE                                                 *
@@ -191,11 +202,10 @@ user_pref("full-screen-api.warning.timeout", 0); // default=3000
 user_pref("browser.urlbar.suggest.engines", false);
    //user_pref("browser.urlbar.suggest.searches", false);
 //user_pref("browser.urlbar.quickactions.enabled", false);
 //user_pref("browser.urlbar.shortcuts.quickactions", false);
 //user_pref("browser.urlbar.suggest.weather", true); // DEFAULT [FF108]
    //user_pref("browser.urlbar.weather.ignoreVPN", false); // DEFAULT
 //user_pref("browser.urlbar.suggest.calculator", true); // [DEFAULT FF137+]
-user_pref("browser.urlbar.unitConversion.enabled", true);
+//user_pref("browser.urlbar.unitConversion.enabled", true); // [DEFAULT FF141+]
 // PREF: disable dropdown suggestions with empty query
 //user_pref("browser.urlbar.suggest.topsites", false);
@@ -207,10 +217,11 @@ user_pref("browser.urlbar.trending.featureGate", false);
 // PREF: disable urlbar suggestions
 //user_pref("browser.urlbar.addons.featureGate", false); // [FF115+]
 //user_pref("browser.urlbar.amp.featureGate", false); // [FF141+] adMarketplace
 //user_pref("browser.urlbar.fakespot.featureGate", false); // [FF130+] [DEFAULT: false]
 //user_pref("browser.urlbar.mdn.featureGate", false); // [FF117+] [HIDDEN PREF]
 //user_pref("browser.urlbar.pocket.featureGate", false); // [FF116+] [DEFAULT: false]
 //user_pref("browser.urlbar.weather.featureGate", false); // [FF108+] [DEFAULT: false]
 //user_pref("browser.urlbar.wikipedia.featureGate", false); // [FF141+]
 //user_pref("browser.urlbar.clipboard.featureGate", false); // [FF118+] [DEFAULT: true FF125+]
 //user_pref("browser.urlbar.yelp.featureGate", false); // [FF124+] [DEFAULT: false]
@@ -292,15 +303,15 @@ user_pref("browser.urlbar.trending.featureGate", false);
 //user_pref("browser.newtabpage.activity-stream.discoverystream.enabled", false);
 //user_pref("browser.newtabpage.activity-stream.showSearch", true); // NTP Web Search [DEFAULT]
 //user_pref("browser.newtabpage.activity-stream.feeds.topsites", false); // Shortcuts
-      user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // Shortcuts > Sponsored shortcuts [FF83+]
+      user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // Sponsored shortcuts [FF83+]
 //user_pref("browser.newtabpage.activity-stream.showWeather", false); // Weather [FF130+]
    //user_pref("browser.newtabpage.activity-stream.system.showWeather", false); // hides Weather as an UI option
 user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false); // Recommended by Pocket
-      user_pref("browser.newtabpage.activity-stream.showSponsored", false); // Sponsored Stories [FF58+]  
+user_pref("browser.newtabpage.activity-stream.showSponsored", false); // Sponsored stories [FF58+]  
 user_pref("browser.newtabpage.activity-stream.showSponsoredCheckboxes", false); // [FF140+] Support Firefox
 //user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false); // Recent Activity [DEFAULT]
      //user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
      //user_pref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
      //user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
      //user_pref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
 //user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); // [DEFAULT]
@@ -326,8 +337,9 @@ user_pref("browser.newtabpage.activity-stream.default.sites", "");
 * SECTION: POCKET                                                            *
 ******************************************************************************/
-// PREF: Disable built-in Pocket extension
+// PREF: disable built-in Pocket extension
-user_pref("extensions.pocket.enabled", false);
+// [1] https://support.mozilla.org/kb/future-of-pocket
 //user_pref("extensions.pocket.enabled", false); // DEFAULT
      //user_pref("extensions.pocket.api"," ");
      //user_pref("extensions.pocket.oAuthConsumerKey", " ");
      //user_pref("extensions.pocket.site", " ");
@@ -1,4 +1,4 @@
-![GitHub Maintained](https://img.shields.io/badge/maintained-yes-green)![GitHub last commit](https://img.shields.io/github/last-commit/yokoffing/betterfox)![GitHub issues](https://img.shields.io/github/issues/yokoffing/betterfox)![GitHub closed issues](https://img.shields.io/github/issues-closed/yokoffing/betterfox)![GitHub repo size](https://img.shields.io/github/repo-size/yokoffing/betterfox)[![shields.io Stars](https://img.shields.io/github/stars/yokoffing/betterfox)](https://github.com/yokoffing/betterfox/stargazers)
+![Badge](https://hitscounter.dev/api/hit?url=https%3A%2F%2Fgithub.com%2Fyokoffing%2FBetterfox&label=&icon=github&color=%23198754&message=&style=flat&tz=US%2FEastern)![GitHub Maintained](https://img.shields.io/badge/maintained-yes-green)![GitHub last commit](https://img.shields.io/github/last-commit/yokoffing/betterfox)![GitHub issues](https://img.shields.io/github/issues/yokoffing/betterfox)![GitHub closed issues](https://img.shields.io/github/issues-closed/yokoffing/betterfox)![GitHub repo size](https://img.shields.io/github/repo-size/yokoffing/betterfox)[![shields.io Stars](https://img.shields.io/github/stars/yokoffing/betterfox)](https://github.com/yokoffing/betterfox/stargazers)
 # Betterfox
 [about:config](https://support.mozilla.org/en-US/kb/about-config-editor-firefox) tweaks to enhance [Mozilla Firefox](https://www.mozilla.org/en-US/firefox/new/).
@@ -46,6 +46,7 @@ The `user.js` — a configuration file that controls Firefox settings — is cur
 > While the browsers listed below incorporate Betterfox to some extent, they often modify it in ways that reduce its effectiveness. For optimal results, apply the `user.js` file even when using Firefox forks.
 * [Zen](https://github.com/zen-browser/desktop?tab=readme-ov-file) | [files](https://github.com/zen-browser/desktop/blob/stable/src/browser/app/profile/zen-browser.js) (July 2024)
 * [FireDragon](https://github.com/dr460nf1r3/firedragon-browser/blob/master/README.md) | [files](https://github.com/dr460nf1r3/firedragon-browser/blob/55fc6e5029542cd90fabe23cb44c89568d74d006/firedragon.cfg#L822-L824) (Jan 2024?)
 * [Midori](https://github.com/goastian/midori-desktop/blob/ESR115/README.md) | [files](https://github.com/goastian/midori-desktop/blob/f3d8d96eb8e08f35a64e3c957bea4e839d7c7730/floorp/browser/components/userjsUtils.sys.mjs#L28-L33) (Dec 2023?)
 * [Mercury](https://github.com/Alex313031/Mercury/releases/tag/v.115.3.0) | [files](https://github.com/Alex313031/Mercury/commit/eb9600f9fb8f48c8f5b5c6f3264fbcdb5caff7f5) (Sep 2023)
 * [Waterfox](https://www.waterfox.net/docs/releases/G6.0/) | [files](https://github.com/WaterfoxCo/Waterfox/tree/current/waterfox/browser/app/profile) (Sep 2023)
@@ -103,7 +104,3 @@ If you like the project, leave a :star: (top right) and become a [stargazer](htt
 * Thanks to [Denperidge](https://github.com/Denperidge) for adding [`install.py`](https://github.com/yokoffing/Betterfox/blob/main/install.py) for advanced users in v.131.
 * A special thanks to [Alex Kontos](https://github.com/MrAlex94) of [Waterfox](https://github.com/WaterfoxCo/Waterfox) for his collaboration in v.116.
 * Many thanks to the 2021 [Ghostery](https://github.com/ghostery) team for testing Betterfox at scale in its early days.
 <div align='center'>
  <a href='https://www.websitecounterfree.com'><img src='https://www.websitecounterfree.com/c.php?d=9&id=19653&s=1' border='0' alt='Free Website Counter'></a><br / >
 since 23 July 2022</div>
@@ -3,7 +3,7 @@
 * Securefox                                                                *
 * "Natura non contristatur"                                                *     
 * priority: provide sensible security and privacy                          *
- * version: 140                                                             *
+ * version: 146                                                             *
 * url: https://github.com/yokoffing/Betterfox                              *
 * credit: Most prefs are reproduced and adapted from the arkenfox project  *
 * credit urL: https://github.com/arkenfox/user.js                          *
@@ -12,16 +12,16 @@
 /****************************************************************************
 * SECTION: TRACKING PROTECTION                                             *
 ****************************************************************************/
-
+// PREF: enable ETP Strict Mode [FF86+]
-// PREF: Enhanced Tracking Protection (ETP)
+// ETP Strict Mode enables Total Cookie Protection (TCP)
-// Tracking Content blocking will strip cookies and block all resource requests to domains listed in Disconnect.me.
+// [NOTE] Adding site exceptions disables all ETP protections for that site and increases the risk of
-// Firefox deletes all stored site data (incl. cookies, browser storage) if the site is a known tracker and hasn’t
+// cross-site state tracking e.g. exceptions for SiteA and SiteB means PartyC on both sites is shared
-// been interacted with in the last 30 days.
+// [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
-// [ALLOWLIST] https://disconnect.me/trackerprotection/unblocked
+// [2] https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
-// [NOTE] FF86: "Strict" tracking protection enables dFPI.
+// [3] https://www.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gle2mqn/?web2x&context=3
-// [1] https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
+// [SETTING] to add site exceptions: Urlbar>ETP Shield
-// [2] https://www.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gle2mqn/?web2x&context=3
+// [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions
-user_pref("browser.contentblocking.category", "strict"); // [HIDDEN]
+user_pref("browser.contentblocking.category", "strict"); // [HIDDEN PREF]
 //user_pref("privacy.trackingprotection.enabled", true); // enabled with "Strict"
 //user_pref("privacy.trackingprotection.pbmode.enabled", true); // DEFAULT
 //user_pref("browser.contentblocking.customBlockList.preferences.ui.enabled", false); // DEFAULT
@@ -41,6 +41,21 @@ user_pref("browser.contentblocking.category", "strict"); // [HIDDEN]
 //user_pref("privacy.bounceTrackingProtection.mode", 1); // [FF131+] [ETP FF133+]
 // [1] https://searchfox.org/mozilla-central/source/toolkit/components/antitracking/bouncetrackingprotection/nsIBounceTrackingProtection.idl#11-23
 // PREF: disable ETP web compat features (about:compat) [FF93+]
 // [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants
 // Opener and redirect heuristics are granted for 30 days, see [3]
 // [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/
 // [2] https://hg.mozilla.org/mozilla-central/rev/e5483fd469ab#l4.12
 // [3] https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning#storage_access_heuristics
    // user_pref("privacy.antitracking.enableWebcompat", false);
 // PREF: set ETP Strict/Custom exception lists (FF141+)
 // [SETTING] Options>Privacy & Security>Enhanced Tracking Protection>Strict/Custom>Fix major [baseline] | minor [convenience]
 // [1] https://support.mozilla.org/en-US/kb/manage-enhanced-tracking-protection-exceptions
 // [2] https://etp-exceptions.mozilla.org/
 // user_pref("privacy.trackingprotection.allow_list.baseline.enabled", true); // [DEFAULT: true]
 // user_pref("privacy.trackingprotection.allow_list.convenience.enabled", true); // [DEFAULT: true]
 // PREF: query stripping
 // Currently uses a small list [1]
 // We set the same query stripping list that Brave and LibreWolf uses [2]
@@ -72,8 +87,8 @@ user_pref("browser.contentblocking.category", "strict"); // [HIDDEN]
 // [1] https://www.reddit.com/r/firefox/comments/l79nxy/firefox_dev_is_ignoring_social_tracking_preference/gl84ukk
 // [2] https://www.reddit.com/r/firefox/comments/pvds9m/reddit_embeds_not_loading/
 // [3] https://github.com/yokoffing/Betterfox/issues/413
-//user_pref("urlclassifier.trackingSkipURLs", "embed.reddit.com, *.twitter.com, *.twimg.com"); // MANUAL [FF136+]
+//user_pref("urlclassifier.trackingSkipURLs", "*://embed.reddit.com/*,*://*.twitter.com/*,*://*.twimg.com/*"); // MANUAL
-//user_pref("urlclassifier.features.socialtracking.skipURLs", "*.twitter.com, *.twimg.com"); // MANUAL [FF136+]
+//user_pref("urlclassifier.features.socialtracking.skipURLs", "*://*.twitter.com/*,*://*.twimg.com/*"); // MANUAL
 // PREF: allow embedded tweets, Instagram and Reddit posts, and TikTok embeds [before FF136+]
 //user_pref("urlclassifier.trackingSkipURLs", "*.reddit.com, *.twitter.com, *.twimg.com, *.tiktok.com"); // MANUAL
@@ -198,8 +213,9 @@ user_pref("browser.contentblocking.category", "strict"); // [HIDDEN]
 // PREF: remove temp files opened from non-PB windows with an external application
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=302433,1738574
 // [2] https://github.com/arkenfox/user.js/issues/1732
 // [3] https://bugzilla.mozilla.org/302433
 user_pref("browser.download.start_downloads_in_tmp_dir", true); // [FF102+]
-user_pref("browser.helperApps.deleteTempFileOnExit", true);
+//user_pref("browser.helperApps.deleteTempFileOnExit", true); // DEFAULT [FF108]
 // PREF: disable UITour backend
 // This way, there is no chance that a remote page can use it.
@@ -273,12 +289,12 @@ user_pref("security.OCSP.enabled", 0);
 // CRLite is faster and more private than OCSP [2].
 // 0 = disabled
 // 1 = consult CRLite but only collect telemetry
-// 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results
+// 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results (default)
-// 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" [FF99+, default FF100+]
+// 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (removed FF145)
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1429800,1670985,1753071
 // [2] https://blog.mozilla.org/security/tag/crlite/
 //user_pref("security.remote_settings.crlite_filters.enabled", true); // [DEFAULT: true FF137+]
-user_pref("security.pki.crlite_mode", 2);
+//user_pref("security.pki.crlite_mode", 2); // [DEFAULT: 2 FF142+]
 // PREF: HTTP Public Key Pinning (HPKP)
 // HPKP enhances the security of SSL certificates by associating
@@ -317,6 +333,13 @@ user_pref("security.pki.crlite_mode", 2);
 //user_pref("browser.contentanalysis.enabled", false); // [FF121+] [DEFAULT]
 //user_pref("browser.contentanalysis.default_result", 0; // [FF127+] [DEFAULT]
 // PREF: disable referrer and storage access for resources injected by content scripts [FF139+]
 user_pref("privacy.antitracking.isolateContentScriptResources", true);
 // PREF: disable CSP Level 2 Reporting [FF140+]
 // [1] https://github.com/yokoffing/Betterfox/issues/415
 user_pref("security.csp.reporting.enabled", false);
 /****************************************************************************
 * SECTION: SSL (Secure Sockets Layer) / TLS (Transport Layer Security)    *
 ****************************************************************************/
@@ -436,10 +459,6 @@ user_pref("browser.sessionstore.interval", 60000); // 1 minute; default=15000 (1
 // Favicons are stored as .ico files in profile_dir\shortcutCache.
 //user_pref("browser.shell.shortcutFavicons", false);
 // PREF: remove temp files opened with an external application
 // [1] https://bugzilla.mozilla.org/302433
 //user_pref("browser.helperApps.deleteTempFileOnExit", true); // DEFAULT [FF108]
 // PREF: disable page thumbnails capturing
 // Page thumbnails are only used in chrome/privileged contexts.
 //user_pref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF]
@@ -487,6 +506,14 @@ user_pref("browser.sessionstore.interval", 60000); // 1 minute; default=15000 (1
 // PREF: purge session icon in Private Browsing windows
 user_pref("browser.privatebrowsing.resetPBM.enabled", true);
 // PREF: delete files downloaded in Private Browsing when all private windows are closed
 // When downloading a file in private browsing mode, the user will be prompted
 // to chose whether they want to keep or delete files that are downloaded
 // while in private browsing. 
 //user_pref("browser.download.enableDeletePrivate", true);
 //user_pref("browser.download.deletePrivateChosen", true);
 //user_pref("browser.download.deletePrivate", true);
 /******************************************************************************
 * SECTION: SHUTDOWN & SANITIZING                                             *
 ******************************************************************************/
@@ -646,16 +673,14 @@ user_pref("network.IDN_show_punycode", true);
 /******************************************************************************
 * SECTION: HTTPS-FIRST POLICY                          *
 ******************************************************************************/
 // PREF: HTTPS-First Policy
 // Firefox attempts to make all connections to websites secure,
 // and falls back to insecure connections only when a website
 // does not support it. Unlike HTTPS-Only Mode, Firefox
 // will NOT ask for your permission before connecting to a website
 // that doesn’t support secure connections.
-// As of August 2023, Google estimates that 5-10% of traffic
+// As of October 2025, Google estimates that 3-5% of traffic
-// has remained on HTTP, allowing attackers to eavesdrop
+// is insecure, allowing attackers to eavesdrop on or change that data [8].
 // on or change that data [6].
 // [NOTE] HTTPS-Only Mode needs to be disabled for HTTPS First to work.
 // [TEST] http://example.com [upgrade]
 // [TEST] http://httpforever.com/ [no upgrade]
@@ -666,10 +691,21 @@ user_pref("network.IDN_show_punycode", true);
 // [5] https://www.cloudflare.com/learning/ssl/why-use-https/
 // [6] https://blog.chromium.org/2023/08/towards-https-by-default.html
 // [7] https://attackanddefense.dev/2025/03/31/https-first-in-firefox-136.html
 // [8] https://security.googleblog.com/2025/10/https-by-default.html
 //user_pref("dom.security.https_first", true); // [DEFAULT FF136+]
 //user_pref("dom.security.https_first_pbm", true); // [DEFAULT FF91+]
 //user_pref("dom.security.https_first_schemeless", true); // [FF120+] [DEFAULT FF129+]
 // PREF: block insecure passive content (images) on HTTPS pages
 // [WARNING] This preference blocks all mixed content, including upgradable.
 // Firefox still attempts an HTTP connection if it can't find a secure one,
 // even with HTTPS First Policy. Although rare, this leaves a small risk of
 // a malicious image being served through a MITM attack.
 // Disable this pref if using HTTPS-Only Mode.
 // [NOTE] Enterprise users may need to enable this setting [1].
 // [1] https://blog.mozilla.org/security/2024/06/05/firefox-will-upgrade-more-mixed-content-in-version-127/
 //user_pref("security.mixed_content.block_display_content", true); // Defense-in-depth (see HTTPS-Only mode)
 /******************************************************************************
 * SECTION: HTTPS-ONLY MODE                              *
 ******************************************************************************/
@@ -678,9 +714,8 @@ user_pref("network.IDN_show_punycode", true);
 // by a server. Options to use HTTP are then provided.
 // [NOTE] When "https_only_mode" (all windows) is true,
 // "https_only_mode_pbm" (private windows only) is ignored.
-// As of August 2023, Google estimates that 5-10% of traffic
+// As of October 2025, Google estimates that 3-5% of traffic
-// has remained on HTTP, allowing attackers to eavesdrop
+// is insecure, allowing attackers to eavesdrop on or change that data [6].
 // on or change that data [5].
 // [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On/Off/Off temporarily
 // [SETTING] Privacy & Security>HTTPS-Only Mode
 // [TEST] http://example.com [upgrade]
@@ -690,17 +725,23 @@ user_pref("network.IDN_show_punycode", true);
 // [3] https://web.dev/why-https-matters/
 // [4] https://www.cloudflare.com/learning/ssl/why-use-https/
 // [5] https://blog.chromium.org/2023/08/towards-https-by-default.html
 // [6] https://security.googleblog.com/2025/10/https-by-default.html
-// PREF: enable HTTPS-only Mode
+// PREF: enable HTTPS-Only mode in all windows
-//user_pref("dom.security.https_only_mode_pbm", true); // Private Browsing windows only
+// When the top-level is HTTPS, insecure subresources are also upgraded (silent fail)
-//user_pref("dom.security.https_only_mode", true); // Normal + Private Browsing windows
+// [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site")
 // [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions)
 // [TEST] http://example.com [upgrade]
 // [TEST] http://httpforever.com/ | http://http.rip [no upgrade]
 user_pref("dom.security.https_only_mode", true); // [FF76+]
    //user_pref("dom.security.https_only_mode_pbm", true); // [FF80+] Private Browsing windows only
 // PREF: offer suggestion for HTTPS site when available
 // [1] https://x.com/leli_gibts_scho/status/1371463866606059528
-//user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
+user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 // PREF: HTTP background requests in HTTPS-only Mode
-// When attempting to upgrade, if the server doesn't respond within 3 seconds[=default time],
+// When attempting to upgrade, if the server doesn't respond within a few seconds,
 // Firefox sends HTTP requests in order to check if the server supports HTTPS or not.
 // This is done to avoid waiting for a timeout which takes 90 seconds.
 // Firefox only sends top level domain when falling back to http.
@@ -709,10 +750,6 @@ user_pref("network.IDN_show_punycode", true);
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945
 // [2] https://blog.mozilla.org/attack-and-defense/2021/03/10/insights-into-https-only-mode/
 //user_pref("dom.security.https_only_mode_send_http_background_request", true); // DEFAULT
    //user_pref("dom.security.https_only_fire_http_request_background_timer_ms", 3000); // DEFAULT
 // PREF: disable HTTPS-Only mode for local resources
 //user_pref("dom.security.https_only_mode.upgrade_local", false); // DEFAULT
 /******************************************************************************
 * SECTION: DNS-over-HTTPS                                                    *
@@ -909,6 +946,10 @@ user_pref("editor.truncate_user_pastes", false);
 // [DO NOT TOUCH] Icons will double-up if the website implements it natively.
 //user_pref("layout.forms.reveal-password-button.enabled", true); // always show icon in password fields
 // PREF: disable automatic authentication on Microsoft sites [WINDOWS]
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1695693,1719301
 //user_pref("network.http.windows-sso.enabled", false);
 /****************************************************************************
 * SECTION: ADDRESS + CREDIT CARD MANAGER                                   *
 ****************************************************************************/
@@ -920,32 +961,6 @@ user_pref("editor.truncate_user_pastes", false);
 //user_pref("extensions.formautofill.addresses.enabled", false);
 //user_pref("extensions.formautofill.creditCards.enabled", false);
 /******************************************************************************
 * SECTION: MIXED CONTENT + CROSS-SITE                                       *
 ******************************************************************************/
 // PREF: block insecure passive content (images) on HTTPS pages
 // [WARNING] This preference blocks all mixed content, including upgradable.
 // Firefox still attempts an HTTP connection if it can't find a secure one,
 // even with HTTPS First Policy. Although rare, this leaves a small risk of
 // a malicious image being served through a MITM attack.
 // Disable this pref if using HTTPS-Only Mode.
 // [NOTE] Enterprise users may need to enable this setting [1].
 // [1] https://blog.mozilla.org/security/2024/06/05/firefox-will-upgrade-more-mixed-content-in-version-127/
 user_pref("security.mixed_content.block_display_content", true);
 // PREF: allow PDFs to load javascript
 // https://www.reddit.com/r/uBlockOrigin/comments/mulc86/firefox_88_now_supports_javascript_in_pdf_files/
 user_pref("pdfjs.enableScripting", false);
 // PREF: disable middle click on new tab button opening URLs or searches using clipboard [FF115+]
 // Enable if you're using LINUX.
 //user_pref("browser.tabs.searchclipboardfor.middleclick", false); // DEFAULT WINDOWS macOS
 // PREF: disable automatic authentication on Microsoft sites [WINDOWS]
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1695693,1719301
 //user_pref("network.http.windows-sso.enabled", false);
 /****************************************************************************
 * SECTION: EXTENSIONS                                                      *
 ****************************************************************************/
@@ -980,9 +995,9 @@ user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF]
 // Users may see a notification when running add-ons that are not monitored by Mozilla when they visit certain sites.
 // The notification informs them that “some extensions are not allowed” and were blocked from running on that site.
 // There's no details as to which sites are affected.
-// [1] https://support.mozilla.org/en-US/kb/quarantined-domains
+// [1] https://support.mozilla.org/kb/quarantined-domains
 // [2] https://www.ghacks.net/2023/07/04/firefox-115-new-esr-base-and-some-add-ons-may-be-blocked-from-running-on-certain-sites/
-//user_pref("extensions.quarantinedDomains.enabled", false);
+//user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true]
 /******************************************************************************
 * SECTION: HEADERS / REFERERS                                               *
@@ -1120,6 +1135,53 @@ user_pref("privacy.userContext.ui.enabled", true);
    // Optionally, hide the setting which also disables the DRM prompt:
    //user_pref("browser.eme.ui.enabled", false);
 /******************************************************************************
 * SECTION: JIT                                                              *
 ******************************************************************************/
 // PREF: Just-In-Time Compilation
 // Around half of zero-day exploits are directly related to "just in time"
 // (JIT) compilers, and disabling that can greatly improve your protection against
 // these potential exploits.
 // [1] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
 // [2] https://www.youtube.com/watch?v=i7qlZeDt9o4
 // PREF: JavaScript JIT
 // PREF: disable Ion and baseline JIT to harden against JS exploits
 // [NOTE] When both Ion and JIT are disabled, and trustedprincipals
 // is enabled, then Ion can still be used by extensions [4].
 // Tor Browser doesn't even ship with these disabled by default.
 // [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit
 // [2] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
 // [3] https://support.microsoft.com/en-us/microsoft-edge/enhance-your-security-on-the-web-with-microsoft-edge-b8199f13-b21b-4a08-a806-daed31a1929d
 // [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1599226
 // [5] https://wiki.mozilla.org/IonMonkey
 // [6] https://github.com/arkenfox/user.js/issues/1791#issuecomment-1891273681
 //user_pref("javascript.options.baselinejit", false);
 //user_pref("javascript.options.ion", false);
 //user_pref("javascript.options.jit_trustedprincipals", false);
 // PREF: WebAssembly JIT [FF52+]
 // Vulnerabilities [1] have increasingly been found, including those known and fixed
 // in native programs years ago [2]. WASM has powerful low-level access, making
 // certain attacks (brute-force) and vulnerabilities more possible.
 // [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
 // [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
 // [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
 // [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes
 //user_pref("javascript.options.wasm", false);
    //user_pref("javascript.options.wasm_trustedprincipals", false);
    //user_pref("javascript.options.wasm_baselinejit", false);
    //user_pref("javascript.options.wasm_optimizingjit", false);
 // PREF: Asm.js JIT [FF22+]
 // [1] http://asmjs.org/
 // [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
 // [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
 //user_pref("javascript.options.asmjs", false);
 // PREF: Blinterp (JIT-like)
 //user_pref("javascript.options.blinterp", false);
 /******************************************************************************
 * SECTION: VARIOUS                                                          *
 ******************************************************************************/
@@ -1133,44 +1195,28 @@ user_pref("privacy.userContext.ui.enabled", true);
 // If this is less than 5, then pasting code into the web console is disabled.
 //user_pref("devtools.selfxss.count", 5);
-// PREF: disable asm.js [FF22+]
+// PREF: disable middle click on new tab button opening URLs or searches using clipboard [FF115+]
-// [WARNING] Disabling this pref may disrupt your browsing experience.
+// Enable if you're using LINUX.
-// [1] http://asmjs.org/
+//user_pref("browser.tabs.searchclipboardfor.middleclick", false); // DEFAULT WINDOWS macOS
 // [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
 // [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
 //user_pref("javascript.options.asmjs", false);
-// PREF: disable Ion and baseline JIT to harden against JS exploits
+// PREF: do not allow PDFs to load javascript
-// [NOTE] When both Ion and JIT are disabled, and trustedprincipals
+// [1] https://www.reddit.com/r/uBlockOrigin/comments/mulc86/firefox_88_now_supports_javascript_in_pdf_files/
 // is enabled, then Ion can still be used by extensions [4].
 // [WARNING] Disabling these prefs will disrupt your browsing experience [6].
 // Tor Browser doesn't even ship with these disabled by default.
 // [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit
 // [2] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
 // [3] https://support.microsoft.com/en-us/microsoft-edge/enhance-your-security-on-the-web-with-microsoft-edge-b8199f13-b21b-4a08-a806-daed31a1929d
 // [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1599226
 // [5] https://wiki.mozilla.org/IonMonkey
 // [6] https://github.com/arkenfox/user.js/issues/1791#issuecomment-1891273681
 //user_pref("javascript.options.ion", false);
 //user_pref("javascript.options.baselinejit", false);
 //user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF]
-// PREF: disable WebAssembly [FF52+]
+// PREF: enforce PDFJS, disable PDFJS scripting
-// [WARNING] Disabling this pref may disrupt your browsing experience.
+// This setting controls if the option "Display in Firefox" is available in the setting below
-// Vulnerabilities [1] have increasingly been found, including those known and fixed
+// and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With").
-// in native programs years ago [2]. WASM has powerful low-level access, making
+// [WHY] pdfjs is lightweight, open source, and secure: the last exploit was June 2015 [1].
-// certain attacks (brute-force) and vulnerabilities more possible.
+// It doesn't break "state separation" of browser content (by not sharing with OS, independent apps).
-// [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
+// It maintains disk avoidance and application data isolation. It's convenient. You can still save to disk.
-// [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
+// [NOTE] JS can still force a pdf to open in-browser by bundling its own code.
-// [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
+// [SETUP-CHROME] You may prefer a different pdf reader for security/workflow reasons.
-// [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes
+// [SETTING] General>Applications>Portable Document Format (PDF)
-//user_pref("javascript.options.wasm", false);
+// [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf.js+firefox
 // [2] https://www.reddit.com/r/uBlockOrigin/comments/mulc86/firefox_88_now_supports_javascript_in_pdf_files/
 //user_pref("pdfjs.disabled", false); // [DEFAULT: false]
 user_pref("pdfjs.enableScripting", false); // [FF86+]
-// PREF: CSP reporting
+ /******************************************************************************
 // [1] https://github.com/yokoffing/Betterfox/issues/415
 //user_pref("security.csp.reporting.enabled", false);
 /******************************************************************************
 * SECTION: SAFE BROWSING (SB)                                               *
 ******************************************************************************/
@@ -1371,6 +1417,7 @@ user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
 // PREF: disable Telemetry Coverage
 // [1] https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/
 // [2] https://github.com/yokoffing/Betterfox/issues/443
 user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
 user_pref("toolkit.coverage.opt-out", true); // [FF64+] [HIDDEN PREF]
 user_pref("toolkit.coverage.endpoint.base", "");
@@ -51,6 +51,10 @@ INSTALLATIONS_TO_CHECK = [
        "command": [str(Path("C:/Program Files/Mozilla Firefox/firefox"))],
        "root": Path(getenv("APPDATA") or "").joinpath("Mozilla/Firefox").resolve(),
    },
    {
        "command": [str(Path(getenv("LOCALAPPDATA") or "").joinpath("Mozilla Firefox/firefox").resolve())],
        "root": Path(getenv("APPDATA") or "").joinpath("Mozilla/Firefox").resolve(),
    },
    # linux
    {
        "command": ["firefox"],
@@ -61,6 +65,11 @@ INSTALLATIONS_TO_CHECK = [
        "command": ["flatpak", "run", "org.mozilla.firefox"],
        "root": Path.home().joinpath(".var/app/org.mozilla.firefox/.mozilla/firefox").absolute(),
    },
    # macOS
    {
        "command": ["/Applications/Firefox.app/Contents/MacOS/firefox"],
        "root": Path.home().joinpath("Library/Application Support/Firefox").absolute(),
    },
 ]
@@ -166,6 +175,8 @@ def extract_betterfox(data, profile_folder):
    zipfile = ZipFile(data)
    userjs_zipinfo = None
    for file in zipfile.filelist:
        if "/zen/" in file.filename and not args.zen:
            continue
        if file.filename.endswith("user.js"):
            userjs_zipinfo = file
            userjs_zipinfo.filename = Path(userjs_zipinfo.filename).name
@@ -205,6 +216,7 @@ if __name__ == "__main__":
    )
    argparser.add_argument("--overrides", "-o", default=default_profile_folder.joinpath("user-overrides.js"), help="if the provided file exists, add overrides to user.js. Defaults to " + str(default_profile_folder.joinpath("user-overrides.js"))),
    argparser.add_argument("--zen", "-z", action="store_true", default=False, help="Install user.js for the Zen browser instead. Defaults to False"),
    advanced = argparser.add_argument_group("Advanced")
@@ -28,10 +28,10 @@ user_pref("network.http.speculative-parallel-limit", 20);
 user_pref("browser.urlbar.speculativeConnect.enabled", true);
 user_pref("browser.places.speculativeConnect.enabled", true);
 user_pref("network.prefetch-next", true);
 user_pref("network.http.max-persistent-connections-per-server", 20); // increase download connections
 /** SECUREFOX ***/
 user_pref("privacy.trackingprotection.allow_list.convenience.enabled", false); // disable Strict allowlist of convenience features
 user_pref("signon.rememberSignons", false); // disable password manager
 user_pref("extensions.formautofill.addresses.enabled", false); // disable address manager
 user_pref("extensions.formautofill.creditCards.enabled", false); // disable credit card manager
@@ -57,6 +57,9 @@ user_pref("security.cert_pinning.enforcement_level", 2); // strict public key pi
 user_pref("captivedetect.canonicalURL", ""); // disable captive portal detection
 user_pref("network.captive-portal-service.enabled", false); // disable captive portal detection
 user_pref("network.connectivity-service.enabled", false); // disable captive portal detection
 user_pref("browser.download.enableDeletePrivate", true); // Delete files downloaded in private browsing when all private windows are closed
 user_pref("browser.download.deletePrivateChosen", true); // Delete files downloaded in private browsing when all private windows are closed
 user_pref("browser.download.deletePrivate", true); // Delete files downloaded in private browsing when all private windows are closed
 /** PESKYFOX ***/
 user_pref("devtools.accessibility.enabled", false); // removes un-needed "Inspect Accessibility Properties" on right-click
@@ -150,3 +153,5 @@ user_pref("network.trr.mode", 2); // enable TRR (with System fallback)
 user_pref("network.trr.max-fails", 5); // lower max attempts to use DoH
 user_pref("geo.provider.use_geoclue", false); // [LINUX]
 user_pref("pdfjs.defaultZoomValue", "page-width"); // PDF zoom level
@@ -10,7 +10,7 @@
 /****************************************************************************
 * Betterfox                                                                *
 * "Ad meliora"                                                             *
- * version: 140                                                             *
+ * version: 146                                                             *
 * url: https://github.com/yokoffing/Betterfox                              *
 ****************************************************************************/
@@ -18,31 +18,40 @@
 * SECTION: FASTFOX                                                         *
 ****************************************************************************/
 /** GENERAL ***/
-user_pref("content.notify.interval", 100000);
+user_pref("gfx.content.skia-font-cache-size", 32);
 /** GFX ***/
-user_pref("gfx.canvas.accelerated.cache-size", 512);
+user_pref("gfx.webrender.layer-compositor", true);
-user_pref("gfx.content.skia-font-cache-size", 20);
+user_pref("gfx.canvas.accelerated.cache-items", 32768);
 user_pref("gfx.canvas.accelerated.cache-size", 4096);
 user_pref("webgl.max-size", 16384);
 /** DISK CACHE ***/
 user_pref("browser.cache.disk.enable", false);
 /** MEMORY CACHE ***/
 user_pref("browser.cache.memory.capacity", 131072);
 user_pref("browser.cache.memory.max_entry_size", 20480);
 user_pref("browser.sessionhistory.max_total_viewers", 4);
 user_pref("browser.sessionstore.max_tabs_undo", 10);
 /** MEDIA CACHE ***/
-user_pref("media.memory_cache_max_size", 65536);
+user_pref("media.memory_cache_max_size", 262144);
-user_pref("media.cache_readahead_limit", 7200);
+user_pref("media.memory_caches_combined_limit_kb", 1048576);
-user_pref("media.cache_resume_threshold", 3600);
+user_pref("media.cache_readahead_limit", 600);
 user_pref("media.cache_resume_threshold", 300);
 /** IMAGE CACHE ***/
-user_pref("image.mem.decode_bytes_at_a_time", 32768);
+user_pref("image.cache.size", 10485760);
 user_pref("image.mem.decode_bytes_at_a_time", 65536);
 /** NETWORK ***/
 user_pref("network.http.max-connections", 1800);
 user_pref("network.http.max-persistent-connections-per-server", 10);
 user_pref("network.http.max-urgent-start-excessive-connections-per-host", 5);
 user_pref("network.http.request.max-start-delay", 5);
 user_pref("network.http.pacing.requests.enabled", false);
 user_pref("network.dnsCacheEntries", 10000);
 user_pref("network.dnsCacheExpiration", 3600);
 user_pref("network.ssl_tokens_cache_capacity", 10240);
@@ -53,10 +62,6 @@ user_pref("network.dns.disablePrefetchFromHTTPS", true);
 user_pref("browser.urlbar.speculativeConnect.enabled", false);
 user_pref("browser.places.speculativeConnect.enabled", false);
 user_pref("network.prefetch-next", false);
 user_pref("network.predictor.enabled", false);
 /** EXPERIMENTAL ***/
 user_pref("layout.css.grid-template-masonry-value.enabled", true);
 /****************************************************************************
 * SECTION: SECUREFOX                                                       *
@@ -64,13 +69,13 @@ user_pref("layout.css.grid-template-masonry-value.enabled", true);
 /** TRACKING PROTECTION ***/
 user_pref("browser.contentblocking.category", "strict");
 user_pref("browser.download.start_downloads_in_tmp_dir", true);
 user_pref("browser.helperApps.deleteTempFileOnExit", true);
 user_pref("browser.uitour.enabled", false);
 user_pref("privacy.globalprivacycontrol.enabled", true);
 /** OCSP & CERTS / HPKP ***/
 user_pref("security.OCSP.enabled", 0);
-user_pref("security.pki.crlite_mode", 2);
+user_pref("privacy.antitracking.isolateContentScriptResources", true);
 user_pref("security.csp.reporting.enabled", false);
 /** SSL / TLS ***/
 user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
@@ -82,8 +87,8 @@ user_pref("browser.privatebrowsing.forceMediaMemoryCache", true);
 user_pref("browser.sessionstore.interval", 60000);
 /** SHUTDOWN & SANITIZING ***/
 user_pref("browser.privatebrowsing.resetPBM.enabled", true);
 user_pref("privacy.history.custom", true);
 user_pref("browser.privatebrowsing.resetPBM.enabled", true);
 /** SEARCH / URL BAR ***/
 user_pref("browser.urlbar.trimHttps", true);
@@ -95,16 +100,16 @@ user_pref("browser.urlbar.groupLabels.enabled", false);
 user_pref("browser.formfill.enable", false);
 user_pref("network.IDN_show_punycode", true);
 /** HTTPS-ONLY MODE ***/
 user_pref("dom.security.https_only_mode", true);
 user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 /** PASSWORDS ***/
 user_pref("signon.formlessCapture.enabled", false);
 user_pref("signon.privateBrowsingCapture.enabled", false);
 user_pref("network.auth.subresource-http-auth-allow", 1);
 user_pref("editor.truncate_user_pastes", false);
 /** MIXED CONTENT + CROSS-SITE ***/
 user_pref("security.mixed_content.block_display_content", true);
 user_pref("pdfjs.enableScripting", false);
 /** EXTENSIONS ***/
 user_pref("extensions.enabledScopes", 5);
@@ -114,6 +119,9 @@ user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
 /** CONTAINERS ***/
 user_pref("privacy.userContext.ui.enabled", true);
 /** VARIOUS ***/
 user_pref("pdfjs.enableScripting", false);
 /** SAFE BROWSING ***/
 user_pref("browser.safebrowsing.downloads.remote.enabled", false);
@@ -157,7 +165,6 @@ user_pref("browser.tabs.crashReporting.sendReport", false);
 * SECTION: PESKYFOX                                                        *
 ****************************************************************************/
 /** MOZILLA UI ***/
 user_pref("browser.privatebrowsing.vpnpromourl", "");
 user_pref("extensions.getAddons.showPane", false);
 user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
 user_pref("browser.discovery.enabled", false);
@@ -166,6 +173,7 @@ user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", fa
 user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
 user_pref("browser.preferences.moreFromMozilla", false);
 user_pref("browser.aboutConfig.showWarning", false);
 user_pref("browser.startup.homepage_override.mstone", "ignore");
 user_pref("browser.aboutwelcome.enabled", false);
 user_pref("browser.profiles.enabled", true);
@@ -174,13 +182,19 @@ user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
 user_pref("browser.compactmode.show", true);
 user_pref("browser.privateWindowSeparation.enabled", false); // WINDOWS
 /** AI ***/
 user_pref("browser.ml.enable", false);
 user_pref("browser.ml.chat.enabled", false);
 user_pref("browser.ml.chat.menu", false);
 user_pref("browser.tabs.groups.smart.enabled", false);
 user_pref("browser.ml.linkPreview.enabled", false);
 /** FULLSCREEN NOTICE ***/
 user_pref("full-screen-api.transition-duration.enter", "0 0");
 user_pref("full-screen-api.transition-duration.leave", "0 0");
 user_pref("full-screen-api.warning.timeout", 0);
 /** URL BAR ***/
 user_pref("browser.urlbar.unitConversion.enabled", true);
 user_pref("browser.urlbar.trending.featureGate", false);
 /** NEW TAB PAGE ***/
@@ -188,9 +202,7 @@ user_pref("browser.newtabpage.activity-stream.default.sites", "");
 user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
 user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
 user_pref("browser.newtabpage.activity-stream.showSponsored", false);
-
+user_pref("browser.newtabpage.activity-stream.showSponsoredCheckboxes", false);
 /** POCKET ***/
 user_pref("extensions.pocket.enabled", false);
 /** DOWNLOADS ***/
 user_pref("browser.download.manager.addToRecentDocs", false);
@@ -10,7 +10,7 @@
 /****************************************************************************
 * BetterZen                                                                *
 * "Ex nihilo nihil fit"                                                    *
- * version: 138                                                             *
+ * version: 142                                                             *
 * url: https://github.com/yokoffing/Betterfox                              *
 ****************************************************************************/
@@ -38,6 +38,8 @@ user_pref("network.predictor.enable-prefetch", false);
 ****************************************************************************/
 /** TRACKING PROTECTION ***/
 user_pref("browser.contentblocking.category", "strict");
 user_pref("privacy.trackingprotection.allow_list.baseline.enabled", true);
 user_pref("privacy.trackingprotection.allow_list.convenience.enabled", true);
 user_pref("browser.download.start_downloads_in_tmp_dir", true);
 /** OCSP & CERTS / HPKP ***/
Author	SHA1	Message	Date
yokoffing	eee6e58b2b	146.0 (#447 )	2025-12-13 16:59:25 -05:00
NewKidOnTheBlock	3b159ac8fb	Removed outdated VPN Promo & Quickactions lines (#442 )	2025-10-28 23:00:52 -04:00
balacij	9d7e6acb9c	install.py: add support for macOS (#434 )	2025-10-22 20:54:50 -04:00
NewKidOnTheBlock	9f3e90876f	Remove outdated Pocket line (#439 ) As described in issue #438	2025-10-22 20:32:40 -04:00
yokoffing	9efeb601f6	144.0 (#429 )	2025-10-18 21:03:42 -04:00
Vadim Zyamalov	7b3cee24cc	Allow Firefox installed as non-admin (#423 )	2025-09-05 14:53:22 -04:00
yokoffing	2d81cd4094	142.0 (#420 )	2025-08-20 17:21:59 -04:00
Cat	ad9a3b4693	install.py: BetterZen compatibility (#418 )	2025-08-20 14:52:16 -04:00